tech-security: Re: mmap(), security and /dev/zero

Subject: Re: mmap(), security and /dev/zero
To: None <tech-kern@NetBSD.org, tech-security@NetBSD.org>
From: Alan Barrett <apb@cequrux.com>
List: tech-security
Date: 06/24/2004 10:58:54

On Thu, 24 Jun 2004, Daniel Carosone wrote:
> If the shlib needed x bits in order to be executed, and the filesystem
> it was on was noexec, then the potential hole is closed.

So, at present, the situation is:

        shlibs must be in files that have "r" permission.

Several people have proposed:

        shlibs must be in files that have both "r" and "x" permission.
        shlibs must be on file systems that honour "x" permission
                (that is, were not mounted with the noexec option).

but several others have opposed it.

How does the following compromise sound?

        shlibs must be in files that have "r" permission.
        shlibs must be on file systems that honour "x" permission
                (that is, were not mounted with the noexec option).

--apb (Alan Barrett)